From 7df9724e20005ccdd3e5daaeebf80eb0c5c46083 Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Tue, 27 Mar 2018 13:07:13 +0200 Subject: Crypto: Add support for 5 new cascades of cipher algorithms (Camellia-Kuznyechik, Camellia-Serpent, Kuznyechik-AES, Kuznyechik-Serpent-Camellia and Kuznyechik-Twofish) --- src/Common/Crypto.c | 5 ++ src/Common/Crypto.h | 2 +- src/Common/Tests.c | 164 ++++++++++++++++++++++++++++++++++++- src/Core/Unix/Linux/CoreLinux.cpp | 6 +- src/Volume/EncryptionAlgorithm.cpp | 51 ++++++++++++ src/Volume/EncryptionAlgorithm.h | 5 ++ src/Volume/EncryptionTest.cpp | 162 +++++++++++++++++++++++++++++++++++- src/Volume/VolumeLayout.cpp | 17 +++- 8 files changed, 406 insertions(+), 6 deletions(-) (limited to 'src') diff --git a/src/Common/Crypto.c b/src/Common/Crypto.c index 3f7e9871..00d44a93 100644 --- a/src/Common/Crypto.c +++ b/src/Common/Crypto.c @@ -87,6 +87,11 @@ static EncryptionAlgorithm EncryptionAlgorithms[] = { { AES, SERPENT, 0 }, { XTS, 0 }, 1, 1 }, { { AES, TWOFISH, SERPENT, 0 }, { XTS, 0 }, 1, 1 }, { { SERPENT, TWOFISH, 0 }, { XTS, 0 }, 1, 1 }, + { { KUZNYECHIK, CAMELLIA, 0 }, { XTS, 0 }, 0, 1 }, + { { TWOFISH, KUZNYECHIK, 0 }, { XTS, 0 }, 0, 1 }, + { { SERPENT, CAMELLIA, 0 }, { XTS, 0 }, 0, 1 }, + { { AES, KUZNYECHIK, 0 }, { XTS, 0 }, 0, 1 }, + { { CAMELLIA, SERPENT, KUZNYECHIK, 0 }, { XTS, 0 }, 0, 1 }, { { 0, 0 }, { 0, 0}, 0, 0 } // Must be all-zero #else // TC_WINDOWS_BOOT diff --git a/src/Common/Crypto.h b/src/Common/Crypto.h index 1d0c96e5..e66cfbab 100644 --- a/src/Common/Crypto.h +++ b/src/Common/Crypto.h @@ -173,7 +173,7 @@ typedef struct #ifdef TC_WINDOWS_BOOT #define MAX_EXPANDED_KEY VC_MAX((AES_KS + SERPENT_KS + TWOFISH_KS), CAMELLIA_KS) #else -#define MAX_EXPANDED_KEY VC_MAX(VC_MAX(VC_MAX((AES_KS + SERPENT_KS + TWOFISH_KS), GOST_KS), CAMELLIA_KS), KUZNYECHIK_KS) +#define MAX_EXPANDED_KEY VC_MAX(VC_MAX(VC_MAX(VC_MAX((AES_KS + SERPENT_KS + TWOFISH_KS), GOST_KS), CAMELLIA_KS + KUZNYECHIK_KS + SERPENT_KS), KUZNYECHIK_KS + TWOFISH_KS), AES_KS + KUZNYECHIK_KS) #endif #endif diff --git a/src/Common/Tests.c b/src/Common/Tests.c index 77a7aa2e..e83f556f 100644 --- a/src/Common/Tests.c +++ b/src/Common/Tests.c @@ -1030,6 +1030,136 @@ BOOL TestSectorBufEncryption (PCRYPTO_INFO ci) break; } } + else if (wcscmp (name, L"Camellia-Kuznyechik") == 0) + { + switch (testCase) + { + case 0: + if (crc != 0x4ea34e89) + return FALSE; + nTestsPerformed++; + break; + case 1: + if (crc != 0xb3ad8559) + return FALSE; + nTestsPerformed++; + break; + case 2: + if (crc != 0xde361313) + return FALSE; + nTestsPerformed++; + break; + case 3: + if (crc != 0x519d2bf9) + return FALSE; + nTestsPerformed++; + break; + } + } + else if (wcscmp (name, L"Kuznyechik-Twofish") == 0) + { + switch (testCase) + { + case 0: + if (crc != 0x748f8631) + return FALSE; + nTestsPerformed++; + break; + case 1: + if (crc != 0x8a4b0888) + return FALSE; + nTestsPerformed++; + break; + case 2: + if (crc != 0xe0310188) + return FALSE; + nTestsPerformed++; + break; + case 3: + if (crc != 0xfc2b6b45) + return FALSE; + nTestsPerformed++; + break; + } + } + else if (wcscmp (name, L"Camellia-Serpent") == 0) + { + switch (testCase) + { + case 0: + if (crc != 0x10569a42) + return FALSE; + nTestsPerformed++; + break; + case 1: + if (crc != 0x4de95152) + return FALSE; + nTestsPerformed++; + break; + case 2: + if (crc != 0xe17b5fe7) + return FALSE; + nTestsPerformed++; + break; + case 3: + if (crc != 0xdbf993fa) + return FALSE; + nTestsPerformed++; + break; + } + } + else if (wcscmp (name, L"Kuznyechik-AES") == 0) + { + switch (testCase) + { + case 0: + if (crc != 0xc479f95d) + return FALSE; + nTestsPerformed++; + break; + case 1: + if (crc != 0x58eaf88d) + return FALSE; + nTestsPerformed++; + break; + case 2: + if (crc != 0xbe300cc2) + return FALSE; + nTestsPerformed++; + break; + case 3: + if (crc != 0x9b681c2e) + return FALSE; + nTestsPerformed++; + break; + } + } + else if (wcscmp (name, L"Kuznyechik-Serpent-Camellia") == 0) + { + switch (testCase) + { + case 0: + if (crc != 0x9d8ac7ee) + return FALSE; + nTestsPerformed++; + break; + case 1: + if (crc != 0x5d7d347f) + return FALSE; + nTestsPerformed++; + break; + case 2: + if (crc != 0x884b62ee) + return FALSE; + nTestsPerformed++; + break; + case 3: + if (crc != 0x5c6c3997) + return FALSE; + nTestsPerformed++; + break; + } + } if (crc == 0x9f5edd58) return FALSE; @@ -1144,6 +1274,36 @@ BOOL TestSectorBufEncryption (PCRYPTO_INFO ci) return FALSE; nTestsPerformed++; } + else if (wcscmp (name, L"Camellia-Kuznyechik") == 0) + { + if (crc != 0xe69d680d) + return FALSE; + nTestsPerformed++; + } + else if (wcscmp (name, L"Kuznyechik-Twofish") == 0) + { + if (crc != 0xe0aef0d1) + return FALSE; + nTestsPerformed++; + } + else if (wcscmp (name, L"Camellia-Serpent") == 0) + { + if (crc != 0x58aad727) + return FALSE; + nTestsPerformed++; + } + else if (wcscmp (name, L"Kuznyechik-AES") == 0) + { + if (crc != 0x4641234a) + return FALSE; + nTestsPerformed++; + } + else if (wcscmp (name, L"Kuznyechik-Serpent-Camellia") == 0) + { + if (crc != 0x755dad72) + return FALSE; + nTestsPerformed++; + } if (crc == 0x9f5edd58) return FALSE; @@ -1156,9 +1316,9 @@ BOOL TestSectorBufEncryption (PCRYPTO_INFO ci) nTestsPerformed++; } #if defined(CIPHER_GOST89) - return (nTestsPerformed == 110); + return (nTestsPerformed == 160); #else - return (nTestsPerformed == 105); + return (nTestsPerformed == 155); #endif } diff --git a/src/Core/Unix/Linux/CoreLinux.cpp b/src/Core/Unix/Linux/CoreLinux.cpp index 0840d243..0fa97f64 100644 --- a/src/Core/Unix/Linux/CoreLinux.cpp +++ b/src/Core/Unix/Linux/CoreLinux.cpp @@ -304,7 +304,11 @@ namespace VeraCrypt { bool xts = (typeid (*volume->GetEncryptionMode()) == typeid (EncryptionModeXTS)); bool algoNotSupported = (typeid (*volume->GetEncryptionAlgorithm()) == typeid (GOST89)) - || (typeid (*volume->GetEncryptionAlgorithm()) == typeid (Kuznyechik)); + || (typeid (*volume->GetEncryptionAlgorithm()) == typeid (Kuznyechik)) + || (typeid (*volume->GetEncryptionAlgorithm()) == typeid (CamelliaKuznyechik)) + || (typeid (*volume->GetEncryptionAlgorithm()) == typeid (KuznyechikTwofish)) + || (typeid (*volume->GetEncryptionAlgorithm()) == typeid (KuznyechikAES)) + || (typeid (*volume->GetEncryptionAlgorithm()) == typeid (KuznyechikSerpentCamellia)); if (options.NoKernelCrypto || !xts diff --git a/src/Volume/EncryptionAlgorithm.cpp b/src/Volume/EncryptionAlgorithm.cpp index e36b500c..b94f69fa 100644 --- a/src/Volume/EncryptionAlgorithm.cpp +++ b/src/Volume/EncryptionAlgorithm.cpp @@ -69,6 +69,11 @@ namespace VeraCrypt l.push_back (shared_ptr (new Kuznyechik ())); l.push_back (shared_ptr (new AESTwofish ())); l.push_back (shared_ptr (new AESTwofishSerpent ())); + l.push_back (shared_ptr (new CamelliaKuznyechik ())); + l.push_back (shared_ptr (new CamelliaSerpent ())); + l.push_back (shared_ptr (new KuznyechikAES ())); + l.push_back (shared_ptr (new KuznyechikSerpentCamellia ())); + l.push_back (shared_ptr (new KuznyechikTwofish ())); l.push_back (shared_ptr (new SerpentAES ())); l.push_back (shared_ptr (new SerpentTwofishAES ())); l.push_back (shared_ptr (new TwofishSerpent ())); @@ -314,4 +319,50 @@ namespace VeraCrypt SupportedModes.push_back (shared_ptr (new EncryptionModeXTS ())); } + + // Kuznyechik-Twofish + KuznyechikTwofish::KuznyechikTwofish () + { + Ciphers.push_back (shared_ptr (new CipherTwofish ())); + Ciphers.push_back (shared_ptr (new CipherKuznyechik ())); + + SupportedModes.push_back (shared_ptr (new EncryptionModeXTS ())); + } + + // Kuznyechik-AES + KuznyechikAES::KuznyechikAES () + { + Ciphers.push_back (shared_ptr (new CipherAES ())); + Ciphers.push_back (shared_ptr (new CipherKuznyechik ())); + + SupportedModes.push_back (shared_ptr (new EncryptionModeXTS ())); + } + + // Kuznyechik-Serpent-Camellia + KuznyechikSerpentCamellia::KuznyechikSerpentCamellia () + { + Ciphers.push_back (shared_ptr (new CipherCamellia ())); + Ciphers.push_back (shared_ptr (new CipherSerpent ())); + Ciphers.push_back (shared_ptr (new CipherKuznyechik ())); + + SupportedModes.push_back (shared_ptr (new EncryptionModeXTS ())); + } + + // Camellia-Kuznyechik + CamelliaKuznyechik::CamelliaKuznyechik () + { + Ciphers.push_back (shared_ptr (new CipherKuznyechik ())); + Ciphers.push_back (shared_ptr (new CipherCamellia ())); + + SupportedModes.push_back (shared_ptr (new EncryptionModeXTS ())); + } + + // Camellia-Serpent + CamelliaSerpent::CamelliaSerpent () + { + Ciphers.push_back (shared_ptr (new CipherSerpent ())); + Ciphers.push_back (shared_ptr (new CipherCamellia ())); + + SupportedModes.push_back (shared_ptr (new EncryptionModeXTS ())); + } } diff --git a/src/Volume/EncryptionAlgorithm.h b/src/Volume/EncryptionAlgorithm.h index c2d7acbd..a701e700 100644 --- a/src/Volume/EncryptionAlgorithm.h +++ b/src/Volume/EncryptionAlgorithm.h @@ -88,6 +88,11 @@ namespace VeraCrypt TC_ENCRYPTION_ALGORITHM (Camellia); TC_ENCRYPTION_ALGORITHM (GOST89); TC_ENCRYPTION_ALGORITHM (Kuznyechik); + TC_ENCRYPTION_ALGORITHM (KuznyechikTwofish); + TC_ENCRYPTION_ALGORITHM (KuznyechikAES); + TC_ENCRYPTION_ALGORITHM (KuznyechikSerpentCamellia); + TC_ENCRYPTION_ALGORITHM (CamelliaKuznyechik); + TC_ENCRYPTION_ALGORITHM (CamelliaSerpent); #undef TC_ENCRYPTION_ALGORITHM } diff --git a/src/Volume/EncryptionTest.cpp b/src/Volume/EncryptionTest.cpp index 23d04ea1..22aea220 100644 --- a/src/Volume/EncryptionTest.cpp +++ b/src/Volume/EncryptionTest.cpp @@ -835,6 +835,136 @@ namespace VeraCrypt break; } } + else if (typeid (ea) == typeid (CamelliaKuznyechik)) + { + switch (testCase) + { + case 0: + if (crc != 0x4ea34e89) + throw TestFailed (SRC_POS); + nTestsPerformed++; + break; + case 1: + if (crc != 0xb3ad8559) + throw TestFailed (SRC_POS); + nTestsPerformed++; + break; + case 2: + if (crc != 0xde361313) + throw TestFailed (SRC_POS); + nTestsPerformed++; + break; + case 3: + if (crc != 0x519d2bf9) + throw TestFailed (SRC_POS); + nTestsPerformed++; + break; + } + } + else if (typeid (ea) == typeid (KuznyechikTwofish)) + { + switch (testCase) + { + case 0: + if (crc != 0x748f8631) + throw TestFailed (SRC_POS); + nTestsPerformed++; + break; + case 1: + if (crc != 0x8a4b0888) + throw TestFailed (SRC_POS); + nTestsPerformed++; + break; + case 2: + if (crc != 0xe0310188) + throw TestFailed (SRC_POS); + nTestsPerformed++; + break; + case 3: + if (crc != 0xfc2b6b45) + throw TestFailed (SRC_POS); + nTestsPerformed++; + break; + } + } + else if (typeid (ea) == typeid (CamelliaSerpent)) + { + switch (testCase) + { + case 0: + if (crc != 0x10569a42) + throw TestFailed (SRC_POS); + nTestsPerformed++; + break; + case 1: + if (crc != 0x4de95152) + throw TestFailed (SRC_POS); + nTestsPerformed++; + break; + case 2: + if (crc != 0xe17b5fe7) + throw TestFailed (SRC_POS); + nTestsPerformed++; + break; + case 3: + if (crc != 0xdbf993fa) + throw TestFailed (SRC_POS); + nTestsPerformed++; + break; + } + } + else if (typeid (ea) == typeid (KuznyechikAES)) + { + switch (testCase) + { + case 0: + if (crc != 0xc479f95d) + throw TestFailed (SRC_POS); + nTestsPerformed++; + break; + case 1: + if (crc != 0x58eaf88d) + throw TestFailed (SRC_POS); + nTestsPerformed++; + break; + case 2: + if (crc != 0xbe300cc2) + throw TestFailed (SRC_POS); + nTestsPerformed++; + break; + case 3: + if (crc != 0x9b681c2e) + throw TestFailed (SRC_POS); + nTestsPerformed++; + break; + } + } + else if (typeid (ea) == typeid (KuznyechikSerpentCamellia)) + { + switch (testCase) + { + case 0: + if (crc != 0x9d8ac7ee) + throw TestFailed (SRC_POS); + nTestsPerformed++; + break; + case 1: + if (crc != 0x5d7d347f) + throw TestFailed (SRC_POS); + nTestsPerformed++; + break; + case 2: + if (crc != 0x884b62ee) + throw TestFailed (SRC_POS); + nTestsPerformed++; + break; + case 3: + if (crc != 0x5c6c3997) + throw TestFailed (SRC_POS); + nTestsPerformed++; + break; + } + } if (crc == 0x9f5edd58) throw TestFailed (SRC_POS); @@ -949,6 +1079,36 @@ namespace VeraCrypt throw TestFailed (SRC_POS); nTestsPerformed++; } + else if (typeid (ea) == typeid (CamelliaKuznyechik)) + { + if (crc != 0xe69d680d) + throw TestFailed (SRC_POS); + nTestsPerformed++; + } + else if (typeid (ea) == typeid (KuznyechikTwofish)) + { + if (crc != 0xe0aef0d1) + throw TestFailed (SRC_POS); + nTestsPerformed++; + } + else if (typeid (ea) == typeid (CamelliaSerpent)) + { + if (crc != 0x58aad727) + throw TestFailed (SRC_POS); + nTestsPerformed++; + } + else if (typeid (ea) == typeid (KuznyechikAES)) + { + if (crc != 0x4641234a) + throw TestFailed (SRC_POS); + nTestsPerformed++; + } + else if (typeid (ea) == typeid (KuznyechikSerpentCamellia)) + { + if (crc != 0x755dad72) + throw TestFailed (SRC_POS); + nTestsPerformed++; + } if (crc == 0x9f5edd58) throw TestFailed (SRC_POS); @@ -961,7 +1121,7 @@ namespace VeraCrypt nTestsPerformed++; } - if (nTestsPerformed != 110) + if (nTestsPerformed != 160) throw TestFailed (SRC_POS); } diff --git a/src/Volume/VolumeLayout.cpp b/src/Volume/VolumeLayout.cpp index 701bca84..0eaed427 100644 --- a/src/Volume/VolumeLayout.cpp +++ b/src/Volume/VolumeLayout.cpp @@ -104,6 +104,11 @@ namespace VeraCrypt SupportedEncryptionAlgorithms.push_back (shared_ptr (new Kuznyechik ())); SupportedEncryptionAlgorithms.push_back (shared_ptr (new AESTwofish ())); SupportedEncryptionAlgorithms.push_back (shared_ptr (new AESTwofishSerpent ())); + SupportedEncryptionAlgorithms.push_back (shared_ptr (new CamelliaKuznyechik ())); + SupportedEncryptionAlgorithms.push_back (shared_ptr (new CamelliaSerpent ())); + SupportedEncryptionAlgorithms.push_back (shared_ptr (new KuznyechikAES ())); + SupportedEncryptionAlgorithms.push_back (shared_ptr (new KuznyechikSerpentCamellia ())); + SupportedEncryptionAlgorithms.push_back (shared_ptr (new KuznyechikTwofish ())); SupportedEncryptionAlgorithms.push_back (shared_ptr (new SerpentAES ())); SupportedEncryptionAlgorithms.push_back (shared_ptr (new SerpentTwofishAES ())); SupportedEncryptionAlgorithms.push_back (shared_ptr (new TwofishSerpent ())); @@ -145,6 +150,11 @@ namespace VeraCrypt SupportedEncryptionAlgorithms.push_back (shared_ptr (new Kuznyechik ())); SupportedEncryptionAlgorithms.push_back (shared_ptr (new AESTwofish ())); SupportedEncryptionAlgorithms.push_back (shared_ptr (new AESTwofishSerpent ())); + SupportedEncryptionAlgorithms.push_back (shared_ptr (new CamelliaKuznyechik ())); + SupportedEncryptionAlgorithms.push_back (shared_ptr (new CamelliaSerpent ())); + SupportedEncryptionAlgorithms.push_back (shared_ptr (new KuznyechikAES ())); + SupportedEncryptionAlgorithms.push_back (shared_ptr (new KuznyechikSerpentCamellia ())); + SupportedEncryptionAlgorithms.push_back (shared_ptr (new KuznyechikTwofish ())); SupportedEncryptionAlgorithms.push_back (shared_ptr (new SerpentAES ())); SupportedEncryptionAlgorithms.push_back (shared_ptr (new SerpentTwofishAES ())); SupportedEncryptionAlgorithms.push_back (shared_ptr (new TwofishSerpent ())); @@ -193,10 +203,15 @@ namespace VeraCrypt SupportedEncryptionAlgorithms.push_back (shared_ptr (new Kuznyechik ())); SupportedEncryptionAlgorithms.push_back (shared_ptr (new AESTwofish ())); SupportedEncryptionAlgorithms.push_back (shared_ptr (new AESTwofishSerpent ())); + SupportedEncryptionAlgorithms.push_back (shared_ptr (new CamelliaKuznyechik ())); + SupportedEncryptionAlgorithms.push_back (shared_ptr (new CamelliaSerpent ())); + SupportedEncryptionAlgorithms.push_back (shared_ptr (new KuznyechikAES ())); + SupportedEncryptionAlgorithms.push_back (shared_ptr (new KuznyechikSerpentCamellia ())); + SupportedEncryptionAlgorithms.push_back (shared_ptr (new KuznyechikTwofish ())); SupportedEncryptionAlgorithms.push_back (shared_ptr (new SerpentAES ())); SupportedEncryptionAlgorithms.push_back (shared_ptr (new SerpentTwofishAES ())); SupportedEncryptionAlgorithms.push_back (shared_ptr (new TwofishSerpent ())); - + SupportedEncryptionModes.push_back (shared_ptr (new EncryptionModeXTS ())); } -- cgit v1.2.3